Hi,
I am facing a problem that is the following:
I have 2 hosts that I connect via gre tunnel.
On host 1:
I use mininet to connect 4 hosts to openvswitch bridge s1:
mininet> dump
<Host h1: h1-eth0:10.0.0.1 pid=2223>
<Host h2: h2-eth0:10.0.0.2 pid=2226>
<Host h3: h3-eth0:10.0.0.3 pid=2228>
<Host h4: h4-eth0:10.0.0.4 pid=2230>
<OVSSwitch s1:
lo:127.0.0.1,s1-eth1:None,s1-eth2:None,s1-eth3:None,s1-eth4:None pid=2235>
<Controller c0: 127.0.0.1:6633 pid=2216>
# ovs-vsctl show
9eb8e438-e489-411f-bdde-b6075026d199
Bridge "s1"
Controller "ptcp:6634"
Controller "tcp:127.0.0.1:6633"
is_connected: true
fail_mode: secure
Port "s1-eth2"
Interface "s1-eth2"
Port "s1-eth1"
Interface "s1-eth1"
Port "s1-eth4"
Interface "s1-eth4"
Port "s1-eth3"
Interface "s1-eth3"
Port "gre0"
Interface "gre0"
type: gre
options: {remote_ip="192.168.56.109"}
Port "s1"
Interface "s1"
type: internal
# ovs-ofctl show s1
OFPT_FEATURES_REPLY (xid=0x2): dpid:0000000000000001
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src
mod_dl_d
st mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
1(s1-eth1): addr:62:fd:09:5e:bc:99
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
2(s1-eth2): addr:92:b4:7a:77:58:e8
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
3(s1-eth3): addr:62:e8:08:fc:ef:d6
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
4(s1-eth4): addr:ea:8f:c6:f6:37:43
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
10(gre0): addr:86:f6:b8:e3:72:4e
config: 0
state: 0
speed: 0 Mbps now, 0 Mbps max
LOCAL(s1): addr:22:0c:37:f1:9a:42
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
==> on host2
I have connect a docker container (with ip 10.0.0.1 ) directly to
openvswitch brideg s1 on port 1
# ovs-vsctl show
e793ccff-6257-4865-a75b-0f0e87150fdc
Bridge "s1"
Port "s1"
Interface "s1"
type: internal
Port "gre0"
Interface "gre0"
type: gre
options: {remote_ip="192.168.56.101"}
#ovs-ofctl show s1
OFPT_FEATURES_REPLY (xid=0x2): dpid:00000edef8ab794e
n_tables:254, n_buffers:0
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src
mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
1(8cfb87deac6b4_l): addr:92:4c:79:47:a9:68
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
10(gre0): addr:e2:9c:97:ac:e4:ff
config: 0
state: 0
speed: 0 Mbps now, 0 Mbps max
LOCAL(s1): addr:0e:de:f8:ab:79:4e
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
At this point:
pingall work
mininet> pingall
*** Ping: testing ping reachability
h1 -> h2 h3 h4
h2 -> h1 h3 h4
h3 -> h1 h2 h4
h4 -> h1 h2 h3
*** Results: 0% dropped (12/12 received)
And h1, .., h4 can ping individually the container (10.0.0.11) on host 2
When I add rules below on the switch:
hosts h1, .., h4 can ping the container on host2
mininet> h1 ping -c 4 10.0.0.11
PING 10.0.0.11 (10.0.0.11) 56(84) bytes of data.
64 bytes from 10.0.0.11: icmp_req=1 ttl=64 time=8.05 ms
64 bytes from 10.0.0.11: icmp_req=2 ttl=64 time=0.546 ms
64 bytes from 10.0.0.11: icmp_req=3 ttl=64 time=0.402 ms
64 bytes from 10.0.0.11: icmp_req=4 ttl=64 time=0.369 ms
--- 10.0.0.11 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3011ms
rtt min/avg/max/mdev = 0.369/2.342/8.051/3.296 ms
but h1 cannot ping h2 or h3 or h4 so pingall failed
mininet> pingall
*** Ping: testing ping reachability
h1 -> X X X
h2 -> X X X
h3 -> X X X
h4 -> X X X
*** Results: 100% dropped (0/12 received)
Here are openflow rules :
==> On Host 1
ovs-ofctl add-flow s1
dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=1,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=2,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=3,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=4,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=10,nw_dst=10.0.0.1,actions=output:1
ovs-ofctl add-flow s1 icmp,in_port=10,nw_dst=10.0.0.2,actions=output:2
ovs-ofctl add-flow s1 icmp,in_port=10,nw_dst=10.0.0.3,actions=output:3
ovs-ofctl add-flow s1 icmp,in_port=10,nw_dst=10.0.0.4,actions=output:4
==> On host 2
ovs-ofctl add-flow s1 icmp,in_port=10,nw_dst=10.0.0.11,actions=output:1'],
shell = True)
ovs-ofctl add-flow s1 icmp,in_port=1,nw_dst=10.0.0.1,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=1,nw_dst=10.0.0.2,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=1,nw_dst=10.0.0.3,actions=output:10
ovs-ofctl add-flow s1 icmp,in_port=1,nw_dst=10.0.0.4,actions=output:10
So the openflow rules are not good. can you help me about what is missing
in these rules ?
Thanks,
Georges
_______________________________________________
discuss mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
